I have a web server on our inside network (10.15.20.20) that I'd like to have receive responses from a /29 block of external IP addresses within my outside interface's IP block. So basically I'd like any web traffic that hits 22.214.171.124/29 automatically get translated/redirected from the outside to 10.15.20.20. Is this possible?
I can get it to work with a 1-to-1 Static NAT translated/redirected to 10.15.20.20. But I can't seem to get that /29 to translate to the inside address. I've tried Dynamic Policy NAT, Dynamic NAT, with access list config attempts, but it just doesn't want to take.
I'm hearing rumblings that it's not possible, to which I'd be surprised as this is possible on other vendor's firewalls.
I attached my config with clear examples of what might be a futile attempt :)
Re: Dynamic NAT - Outside Interface. Is it possible?
You understood correctly and thank you for the link. I had actually seen that thread earlier and from what it seems, I'm going to have to go that route.
I was trying to avoid having to create separate access lists for each as one of my requirements is going to be to have a complete /27 external IP to a single internal IP. That, from what I understand, is going to be 30 separate access lists. A bit tedious, but certainly doable.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :